Can someone help me to find information about API Keys in Policy manager? Maybe a video or guide
Are you using the API Developer Portal to issue the API Keys?
Assuming you are using the Portal, you would just need to include the correct policy fragment in your policy that enforces API key checking.
Is there any common set of assertion that do this? Can you tell me those as I'm having a hard time finding those.
You need to create a policy fragment (you can call it whatever but I usually call it Portal Integration Snippet). Once you've created a blank policy you need to import the policy, which you need to download from the support site (the file is called Portal.Integration.Policy.Snippet-v3.5.xml for version 3.5 of the portal). Show comments and show assertion numbers on this policy and you will see on Step 3 and Step 4 folders. Step 3 you need to drag the assertion "include policy fragment" over to the comment on line 24 and select the Account Plans Fragment. Step 4 (line 31) you need to do the same for Api Plans Fragment.
Now you've created a policy to Check the API key in the request, capture metrics, enforce account plan, and enforce api plan. Now in your new service/api (whatever you are trying to protect with an API Key) you would drag over to the top the "include policy fragment" and select this new fragment "Portal Integration Snippet." Save and Activate. You now must include a valid API Key in each request to your service.
Hi Tj Blogumas,
Thanks for replying. I can't seem to find Portal.Integration.Policy.Snippet-v3.5.xml nor the API Portal Content Pack version 3.5 in which the file is supposed to be according to the documentation. If you can, please direct me to obtain it.